/**
 * Copyright (c) 2016, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
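#ifndef _NETD_NATIVE_SERVICE_H_
#define _NETD_NATIVE_SERVICE_H_

#include <vector>

#include <binder/BinderService.h>
#include <netdutils/Log.h>

#include "android/net/BnNetd.h"

namespace android {
namespace net {

/**
 * Native implementation of the netd binder interface (BnNetd), published through
 * BinderService; getServiceName() returns "netd".
 *
 * Notes for maintainers and reviewers:
 *  - Every method below that overrides a BnNetd virtual is part of the binder
 *    surface. This header shows no caller-permission or argument checks; they
 *    have to live in the implementation file, which is not visible here. Confirm
 *    that each method authorizes the caller before it changes firewall, routing,
 *    tethering, IPsec or sysctl state.
 *  - Interface names, chain names, addresses and sysctl parameters arrive as
 *    caller-supplied std::string; uids and netIds arrive as raw int32_t. Treat all
 *    of them as unvalidated at this boundary.
 *  - Out-parameters (bool*, int32_t*, std::vector<...>*, std::string*) are written
 *    by the callee; the binder::Status return value carries success or failure.
 */
class NetdNativeService : public BinderService<NetdNativeService>, public BnNetd {
  public:
    NetdNativeService();
    static status_t start();
    // Name under which the service is looked up; changing it breaks every client.
    static char const* getServiceName() { return "netd"; }
    // NOTE(review): dump output is written to a caller-provided fd. Confirm the
    // implementation checks the caller and keeps key material out of the dump.
    virtual status_t dump(int fd, const Vector<String16> &args) override;

    binder::Status isAlive(bool *alive) override;

    // Firewall commands.
    binder::Status firewallReplaceUidChain(const std::string& chainName, bool isAllowlist,
                                           const std::vector<int32_t>& uids, bool* ret) override;
    binder::Status firewallSetFirewallType(int32_t firewallType) override;
    binder::Status firewallSetInterfaceRule(const std::string& ifName,
                                            int32_t firewallRule) override;
    binder::Status firewallSetUidRule(int32_t childChain, int32_t uid,
                                      int32_t firewallRule) override;
    binder::Status firewallEnableChildChain(int32_t childChain, bool enable) override;
    binder::Status firewallAddUidInterfaceRules(const std::string& ifName,
                                                const std::vector<int32_t>& uids) override;
    binder::Status firewallRemoveUidInterfaceRules(const std::vector<int32_t>& uids) override;

    // Bandwidth control commands.
    binder::Status bandwidthEnableDataSaver(bool enable, bool *ret) override;
    binder::Status bandwidthSetInterfaceQuota(const std::string& ifName, int64_t bytes) override;
    binder::Status bandwidthRemoveInterfaceQuota(const std::string& ifName) override;
    binder::Status bandwidthSetInterfaceAlert(const std::string& ifName, int64_t bytes) override;
    binder::Status bandwidthRemoveInterfaceAlert(const std::string& ifName) override;
    binder::Status bandwidthSetGlobalAlert(int64_t bytes) override;
    binder::Status bandwidthAddNaughtyApp(int32_t uid) override;
    binder::Status bandwidthRemoveNaughtyApp(int32_t uid) override;
    binder::Status bandwidthAddNiceApp(int32_t uid) override;
    binder::Status bandwidthRemoveNiceApp(int32_t uid) override;

    // Network and routing commands.
    binder::Status networkCreatePhysical(int32_t netId, int32_t permission) override;
    binder::Status networkCreateVpn(int32_t netId, bool secure) override;
    binder::Status networkCreate(const NativeNetworkConfig& config) override;
    binder::Status networkDestroy(int32_t netId) override;

    binder::Status networkAddInterface(int32_t netId, const std::string& iface) override;
    binder::Status networkRemoveInterface(int32_t netId, const std::string& iface) override;

    binder::Status networkAddUidRanges(int32_t netId,
                                       const std::vector<UidRangeParcel>& uids) override;
    binder::Status networkRemoveUidRanges(int32_t netId,
                                          const std::vector<UidRangeParcel>& uids) override;
    binder::Status networkAddUidRangesParcel(
            const netd::aidl::NativeUidRangeConfig& uidRangesConfig) override;
    binder::Status networkRemoveUidRangesParcel(
            const netd::aidl::NativeUidRangeConfig& uidRangesConfig) override;
    binder::Status networkRejectNonSecureVpn(bool enable,
                                             const std::vector<UidRangeParcel>& uids) override;
    binder::Status networkAddRouteParcel(int32_t netId, const RouteInfoParcel& route) override;
    binder::Status networkUpdateRouteParcel(int32_t netId, const RouteInfoParcel& route) override;
    binder::Status networkRemoveRouteParcel(int32_t netId, const RouteInfoParcel& route) override;
    binder::Status networkAddRoute(int32_t netId, const std::string& ifName,
                                   const std::string& destination,
                                   const std::string& nextHop) override;
    binder::Status networkRemoveRoute(int32_t netId, const std::string& ifName,
                                      const std::string& destination,
                                      const std::string& nextHop) override;
    binder::Status networkAddLegacyRoute(int32_t netId, const std::string& ifName,
                                         const std::string& destination, const std::string& nextHop,
                                         int32_t uid) override;
    binder::Status networkRemoveLegacyRoute(int32_t netId, const std::string& ifName,
                                            const std::string& destination,
                                            const std::string& nextHop, int32_t uid) override;
    binder::Status networkSetDefault(int32_t netId) override;
    binder::Status networkClearDefault() override;
    binder::Status networkSetPermissionForNetwork(int32_t netId, int32_t permission) override;
    binder::Status networkSetPermissionForUser(int32_t permission,
                                               const std::vector<int32_t>& uids) override;
    binder::Status networkClearPermissionForUser(const std::vector<int32_t>& uids) override;
    binder::Status networkSetProtectAllow(int32_t uid) override;
    binder::Status networkSetProtectDeny(int32_t uid) override;
    // For test (internal use only).
    // NOTE(review): both are still overrides on the binder interface, so "test only"
    // is a convention, not an access control; confirm they are gated like the rest.
    binder::Status networkGetDefault(int32_t* netId) override;
    binder::Status networkCanProtect(int32_t uid, bool* ret) override;

    binder::Status trafficSetNetPermForUids(int32_t permission,
                                            const std::vector<int32_t>& uids) override;

    // SOCK_DIAG commands.
    binder::Status socketDestroy(const std::vector<UidRangeParcel>& uids,
                                 const std::vector<int32_t>& skipUids) override;

    binder::Status setIPv6AddrGenMode(const std::string& ifName, int32_t mode) override;

    // NFLOG-related commands
    binder::Status wakeupAddInterface(const std::string& ifName, const std::string& prefix,
                                      int32_t mark, int32_t mask) override;

    binder::Status wakeupDelInterface(const std::string& ifName, const std::string& prefix,
                                      int32_t mark, int32_t mask) override;

    // Tethering-related commands.
    binder::Status tetherApplyDnsInterfaces(bool *ret) override;
    binder::Status tetherGetStats(
            std::vector<android::net::TetherStatsParcel>* tetherStatsVec) override;
    binder::Status tetherOffloadGetStats(
            std::vector<android::net::TetherStatsParcel>* tetherStatsVec) override;
    binder::Status tetherStart(const std::vector<std::string>& dhcpRanges) override;
    binder::Status tetherStartWithConfiguration(const TetherConfigParcel& config) override;
    binder::Status tetherStop() override;
    binder::Status tetherIsEnabled(bool* enabled) override;
    binder::Status tetherInterfaceAdd(const std::string& ifName) override;
    binder::Status tetherInterfaceRemove(const std::string& ifName) override;
    binder::Status tetherInterfaceList(std::vector<std::string>* ifList) override;
    binder::Status tetherDnsSet(int32_t netId, const std::vector<std::string>& dnsAddrs) override;
    binder::Status tetherDnsList(std::vector<std::string>* dnsList) override;
    binder::Status tetherAddForward(const std::string& intIface,
                                    const std::string& extIface) override;
    binder::Status tetherRemoveForward(const std::string& intIface,
                                       const std::string& extIface) override;
    binder::Status tetherOffloadRuleAdd(const android::net::TetherOffloadRuleParcel& rule) override;
    binder::Status tetherOffloadRuleRemove(
            const android::net::TetherOffloadRuleParcel& rule) override;
    binder::Status tetherOffloadSetInterfaceQuota(int ifIndex, int64_t quotaBytes) override;
    binder::Status tetherOffloadGetAndClearStats(
            int ifIndex, android::net::TetherStatsParcel* tetherStats) override;

    // Interface-related commands.
    binder::Status interfaceAddAddress(const std::string &ifName,
            const std::string &addrString, int prefixLength) override;
    binder::Status interfaceDelAddress(const std::string &ifName,
            const std::string &addrString, int prefixLength) override;
    binder::Status interfaceGetList(std::vector<std::string>* interfaceListResult) override;
    binder::Status interfaceGetCfg(const std::string& ifName,
                                   InterfaceConfigurationParcel* interfaceGetCfgResult) override;
    binder::Status interfaceSetCfg(const InterfaceConfigurationParcel& cfg) override;
    binder::Status interfaceSetIPv6PrivacyExtensions(const std::string& ifName,
                                                     bool enable) override;
    binder::Status interfaceClearAddrs(const std::string& ifName) override;
    binder::Status interfaceSetEnableIPv6(const std::string& ifName, bool enable) override;
    binder::Status interfaceSetMtu(const std::string& ifName, int32_t mtuValue) override;

    // Sysctl access.
    // NOTE(review): ifname and parameter are caller-supplied strings. Judging by the
    // method names they select an entry under /proc/sys/net; confirm the
    // implementation rejects path separators and ".." in both before building a path.
    binder::Status getProcSysNet(int32_t ipversion, int32_t which, const std::string& ifname,
                                 const std::string& parameter, std::string* value) override;
    binder::Status setProcSysNet(int32_t ipversion, int32_t which, const std::string& ifname,
                                 const std::string& parameter, const std::string& value) override;

    // IPsec commands.
    // NOTE(review): unlike the rest of the class, the ipSec* declarations and
    // getFwmarkForNetwork carry no `override`. If they implement BnNetd virtuals
    // (the base class is not visible from this header), adding `override` would
    // make the compiler check each signature against the generated base - confirm.
    binder::Status ipSecSetEncapSocketOwner(const os::ParcelFileDescriptor& socket, int newUid);

    binder::Status ipSecAllocateSpi(
            int32_t transformId,
            const std::string& localAddress,
            const std::string& remoteAddress,
            int32_t inSpi,
            int32_t* outSpi);

    // authKey, cryptKey and aeadKey are, by their names, raw key bytes supplied by the
    // caller. NOTE(review): confirm the implementation never logs them or includes
    // them in dump() output.
    binder::Status ipSecAddSecurityAssociation(
            int32_t transformId, int32_t mode, const std::string& sourceAddress,
            const std::string& destinationAddress, int32_t underlyingNetId, int32_t spi,
            int32_t markValue, int32_t markMask, const std::string& authAlgo,
            const std::vector<uint8_t>& authKey, int32_t authTruncBits,
            const std::string& cryptAlgo, const std::vector<uint8_t>& cryptKey,
            int32_t cryptTruncBits, const std::string& aeadAlgo,
            const std::vector<uint8_t>& aeadKey, int32_t aeadIcvBits, int32_t encapType,
            int32_t encapLocalPort, int32_t encapRemotePort, int32_t interfaceId);

    binder::Status ipSecDeleteSecurityAssociation(int32_t transformId,
                                                  const std::string& sourceAddress,
                                                  const std::string& destinationAddress,
                                                  int32_t spi, int32_t markValue, int32_t markMask,
                                                  int32_t interfaceId);

    binder::Status ipSecApplyTransportModeTransform(const os::ParcelFileDescriptor& socket,
                                                    int32_t transformId, int32_t direction,
                                                    const std::string& sourceAddress,
                                                    const std::string& destinationAddress,
                                                    int32_t spi);

    binder::Status ipSecRemoveTransportModeTransform(const os::ParcelFileDescriptor& socket);

    binder::Status ipSecAddSecurityPolicy(int32_t transformId, int32_t selAddrFamily,
                                          int32_t direction, const std::string& tmplSrcAddress,
                                          const std::string& tmplDstAddress, int32_t spi,
                                          int32_t markValue, int32_t markMask, int32_t interfaceId);

    binder::Status ipSecUpdateSecurityPolicy(int32_t transformId, int32_t selAddrFamily,
                                             int32_t direction, const std::string& tmplSrcAddress,
                                             const std::string& tmplDstAddress, int32_t spi,
                                             int32_t markValue, int32_t markMask,
                                             int32_t interfaceId);

    binder::Status ipSecDeleteSecurityPolicy(int32_t transformId, int32_t selAddrFamily,
                                             int32_t direction, int32_t markValue, int32_t markMask,
                                             int32_t interfaceId);

    binder::Status trafficSwapActiveStatsMap() override;

    binder::Status ipSecAddTunnelInterface(const std::string& deviceName,
                                           const std::string& localAddress,
                                           const std::string& remoteAddress, int32_t iKey,
                                           int32_t oKey, int32_t interfaceId);

    binder::Status ipSecUpdateTunnelInterface(const std::string& deviceName,
                                              const std::string& localAddress,
                                              const std::string& remoteAddress, int32_t iKey,
                                              int32_t oKey, int32_t interfaceId);

    binder::Status ipSecRemoveTunnelInterface(const std::string& deviceName);

    binder::Status ipSecMigrate(const IpSecMigrateInfoParcel& migrateInfo);

    // Idletimer-related commands
    binder::Status idletimerAddInterface(const std::string& ifName, int32_t timeout,
                                         const std::string& classLabel) override;
    binder::Status idletimerRemoveInterface(const std::string& ifName, int32_t timeout,
                                            const std::string& classLabel) override;

    // Strict-related commands
    binder::Status strictUidCleartextPenalty(int32_t uid, int32_t policyPenalty) override;

    // Clatd-related commands
    binder::Status clatdStart(const std::string& ifName, const std::string& nat64Prefix,
                              std::string* v6Address) override;
    binder::Status clatdStop(const std::string& ifName) override;

    // IP forwarding (ipfwd) commands
    binder::Status ipfwdEnabled(bool* status) override;
    binder::Status ipfwdGetRequesterList(std::vector<std::string>* requesterList) override;
    binder::Status ipfwdEnableForwarding(const std::string& requester) override;
    binder::Status ipfwdDisableForwarding(const std::string& requester) override;
    binder::Status ipfwdAddInterfaceForward(const std::string& fromIface,
                                            const std::string& toIface) override;
    binder::Status ipfwdRemoveInterfaceForward(const std::string& fromIface,
                                               const std::string& toIface) override;

    // tcp_mem-config command
    binder::Status setTcpRWmemorySize(const std::string& rmemValues,
                                      const std::string& wmemValues) override;

    binder::Status registerUnsolicitedEventListener(
            const android::sp<android::net::INetdUnsolicitedEventListener>& listener) override;

    binder::Status getOemNetd(android::sp<android::IBinder>* listener) override;
    binder::Status getFwmarkForNetwork(int32_t netId, MarkMaskParcel* markmask);
    binder::Status setNetworkAllowlist(
            const std::vector<netd::aidl::NativeUidRangeConfig>& rangeConfigs) override;

  private:
    // Converts the int32_t uids received over binder into uid_t values.
    // NOTE(review): uid_t is unsigned on Linux, so a negative input becomes a very
    // large uid unless it is rejected - confirm how the implementation handles it.
    std::vector<uid_t> intsToUids(const std::vector<int32_t>& intUids);
    // The next three map raw int32_t values from the wire onto internal types.
    // NOTE(review): handling of out-of-range values is not visible in this header;
    // confirm unknown values are rejected rather than cast through.
    Permission convertPermission(int32_t permission);
    static FirewallRule parseRule(int32_t firewallRule);
    static ChildChain parseChildChain(int32_t childChain);
};

}  // namespace net
}  // namespace android

#endif  // _NETD_NATIVE_SERVICE_H_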